12 

A. 



KEYBOARD 



DISC 
INPUT 

16 



14 
A. 



DISPLAY 



10 

A 



CPU 



18 

A 



LOCAL 
MEMORY 



FILES 
DATA 



20 



SAGE-26,477 



1/12 



FIG. 1 



24 



26 
A 



MODEM/FAX 



34 

A 



PTN 



I/O 



28 

A 



NET CARD 



36 

A 



NETWORK 



30 



A 



SCANNER 



EXECUTABLE 
PROGRAMS 



22 



32 



A 



PRINTER 



LOCAL 
RESOURCES 



38 

A 



NETWORK 
RESOURCE 



42 
A 



SYSTEM 
ADMINISTATOR 



40 
A 



USER 



44 

A 



USER RESOURCE 
ACCESS TEMPLATE 



46 
A 



USER NUMBER 
1 ACCESS 



46 
A 



USER NUMBER 
2 ACCESS 



USER NUMBER 
3 ACCESS 

— 7 

46 



FIG. 2 

(PRIOR ART) 



SYSTEM 
RESOURCE 1 



SYSTEM 
RESOURCE 2 



SYSTEM 
RESOURCE 3 



SYSTEM 
RESOURCE 4 



SYSTEM 
RESOURCE 5 



48 



48 



48 



48 



48 



SAGE-26,477 



FIG. 3 

66 

s 



PROCESS REQUESTING 
MECHANISM 



2/12 
64 



RESOURCE 
ACCESS TABLE 



60 



OPERATING 
SYSTEM 



RESOURCE 
NUMBER 1 



RESOURCE 
NUMBER 2 



o 
o 
o 



RESOURCE 
NUMBER N 



62 
62 



62 



FIG. 4 



75 SYSTEM 
" ADMINISTRATOR 



ACCESS 
CONTROL 



76 



USER 
68 



PROCESS 
NUMBER 1 

—? 

70 



PROCESS 
NUMBER 2 

—? 

70 



PROCESS 
NUMBER 3 

—? 

70 

70 



PROCESS 
NUMBER 4 



74 



PA 



74 



PA 



74 



PA 



74 



PA 



74 



PA 



62 

/ 

RESOURCE 
NUMBER 1 



62 

/ 

RESOURCE 
NUMBER 2 



62 

I 

RESOURCE 
NUMBER 3 



62 

^_ 

RESOURCE 
NUMBER 4 



62 

^_ 

RESOURCE 
NUMBER 5 



SAGE-26,477 



3/12 



75 

S 

SYSTEM 
ADMINISTRATOR 



USER 

/ 
68 



76 

_^ 

ACCESS 
CONTROL 



PROCESS 
NUMBER 1 



70 



PROCESS 
NUMBER 2 



70 



PROCESS 
NUMBER 3 

~7 

70 

70 

L_ 



PROCESS 
NUMBER 4 



FIG. 5 



74 



PA 



74 



PA 



74 



PA 



74 



PA 



74 



PA 



84 



PA 



62 



RESOURCE 
NUMBER 1 



62 
A. 



RESOURCE 
NUMBER 2 



62 



RESOURCE 
NUMBER 3 



62 



RESOURCE 
NUMBER 4 



62 



RESOURCE 
NUMBER 5 



RESOURCE 
NUMBER 6 



PROCESS 
NUMBER 5 



82 

J 



80 



SAGE-26,477 



FIG. 6 

100 XjiarD 

102 



4/12 



104-xf 




106- 



110- 



114- 



LOGIN USER 



RUN PROCESS 




LOOK UP RESOURCE 

ACCESS FOR 
REQUESTING PROCESS 




RETURN ACCESS 
DENIED ERROR CODE 



ALLOW 
ACCESS 



124- 



128- 



FIG. 7 




SET I/O TO RESOURCE 
FILE NAME 




PROCESS RESOURCE 



m A RETURN) 



SAGE-26,477 



5/12 



FIG. 8 




{52 A RETURN) 



SAGE-26,477 



168- 



USER ID 
AND 
PASSWORD 

170 
160 



FIG. 9 
I 

PROCESS 
REQUESTING 
ACCESS 
NUMBER 1 



165- 



164 



RESOURCE 
ACCESS TABLE 
NUMBER 1 

rzz 



162- 



172- 



T 



RESOURCE A 



6/12 



PROCESS 
REQUESTING 
ACCESS 
NUMBER 2 



166- 



164 



RESOURCE 
ACCESS TABLE 
NUMBER 2 

\ 



f 



168 



o o o 



o o o 



PROCESS 
REQUESTING 
ACCESS 
NUMBER N 



167- 



RESOURCE 
ACCESS TABLE 
NUMBER N 



168 



164 



OPERATING SYSTEM 



172- 



RESOURCE B 



172- 



RESOURCE C 



200 



X START ) 



204- 



206- 



LAUNCH APPLICATION 
AND BIND WITH A 
RESOURCE ACCESS TABLE 



START APPLICATION 




ACCESS DENIED 



216 



FIG. 10 



1 



READ RESOURCE ACCESS 
TABLE FOR REQUESTING 
APPLICATION 



INTERPRET ENTRIES 



ACCESS GRANTED 



( RETURN K oq/! 



-218 




-226 



SAGE-26,477 



7/12 



242- 



FIG. 11 
240 X]start3 



OPERATING SYSTEM RECEIVES 
COMMAND FROM USER: 
DELETE XYZ 



244 

'OPERATING^ 
SYSTEM CHECKS: 
USER ALLOWED DEL 
COMMAND? 



246- 



252- 



LOAD DEL, FETCH 
ACCESS RIGHTS 



ACCESS GRANTED, 
EXECUTE COMMAND 




256 



ACCESS 
RIGHTS DENIED 



25/| _ X RETURN) 



SAGE-26,477 



8/12 



FIG. 12 

USER 1 
300 



USER 2 



304 



PROCESS A 

—? 

302 



PROCESS B 
~7 



306 



308 

z_ 



PROCESS C 



310- 



312- 



318- 







OS 


PBS 


60 


76 







USER 1 RAT 


PA 


PB 


USER 2 RAT 


PA 


PC 



324 

I 

RESOURCE 1 



326 



RESOURCE 2 



328 



RESOURCE 3 



-314 
-316 

-320 
-322 



364- 



368- 



370- 



FIG. 14 

SET PASSWORD ! AUTHENTICATION 



ENTER USERNAME 



ENTER OLD PASSWORD 




ENTER NEW PASSWORD 



AUTHENTICATION 
PROCESS 



CONFIRM 
AUTHENTICATION 



STORE PASSWORD 
IN ASSOCIATION 
WITH USERNAME 



-366 



-369 



-372 



1 



SAGE-26,477 



FIG. 13 



USER/CLIENT 



9/12 

PROCESS WITH 
AUTHENTICATION CALL 
(LOGIN.EXE) 



AUTHENTICATION 
MODULE 



INITIATE 
AUTHENTICATION 

7 

330 



REQUEST RANDOM 
NUMBER (RN) 



ENTER USERNAME, 
PASSW ORD 

7 

342 



344 



332 



GENERATE 
RANDOM NUMBER 

7" 



GENERATE HASH 
(PASSWORD AND 
RANDOM NUMBER) 



SEND USERNAME, 
HASH 



346 



334 



336 



MODIFY PROCESS' 
TASK STRUCTURE 



STORE RANDOM NUMBER 

S 

338 



SEND RANDOM NUMBER 



340 



CHECK PROCESS' TASK 
STRUCTURE FOR PENDING 
AUTHENTICATION 



~7" 

348 



350 



RETRIEVE RANDOM NUMBER 



RETRIEVE PASSWORD 
ASSOCIATED WITH USERNAME 



352 



354 



GENERATE HASH (PASSWORD 
AND RANDOM NUMBER 



COMPARE HASH VALUES 



356 



362 



358 



MODIFY PROCESS' 
TASK STRUCTURE 



SET USER = 
USERNAME 



CONFIRM AUTHENTICATION 
SET USER=USERNAME 



360 



SAGE-26,477 



10/12 



374- 
375- 
377- 



382- 



386- 



394- 



400- 



FIG. 15 



KEY EXCHANGE 



CLIENT 



REQUEST KEY EXCHANGE 



SEND USERNAME 



ENTER PASSWORD (PW) 



CALCULATE HASH H(PW, RN1) 



KEY1=H(PW, RN1) 



CALCULATE HASH H(PW, RN2) 



KEY2=H(PW, RN2) 



SERVER 




MODIFY TASK STRUCTURE 



GENERATE RANDOM NUMBER 1 




SEND RANDOM NUMBER 1 



RETRIEVE PASSWORD (PW) 
ASSOCIATED WITH USERNAME 



CALCULATE HASH H(PW, RN1) 



KEY1=H(PW, RN1) 



GENERATE RANDOM NUMBER 2 




SEND RANDOM NUMBER 2 



CALCULATE HASH H(PW, RN2) 



KEY2=H(PW, RN2) 



MODIFY TASK STRUCTURE 



-376 
-378 
-380 

-382 

-384 
-388 
-390 
-392 
•396 

•398 

•402 



SAGE-26,477 



11/12 



BUYER 



FIG. 16 

POS 



PBS SERVER 



FINANCIAL SERVER 



INITIATE 
PURCHASE 

—? 

404 



SELECT 
CREDIT 
CARD 

"7- 



408 




DISPLAY 
CREDIT 
CARD-DIGITS 



406 



410 



SEND CREDIT 
CARD 
IDENTIFIER 




COMPLETE 
TRANSACTION 



418 



REPLACE 
CREDIT CARD 
IDENTIFIER 



412 



READ CREDIT 
CARD NUMBER 
ASSOCIATED 
WITH CREDIT 
CARD IDENTIFIER 




414 
J_ 



PROCESS 
TRANSACTION 




GENERATE NEW 
CREDIT CARD 
IDENTIFIER 

— s — 

420 



SEND 
APPROVAL 
OR DENIAL 

— s~~ 

416 



SAGE-26,477 



12/12 



FIG. 17 

CLIENT A 



PBS 



CLIENT B 



INITIATE SESSION 

7 

424 



SEND FILE 
FOR CLIENT B 

? 

428 



426 



AUTHENTICATE CLIENT A 



STORE FILE IN SPACE 
ACCESSIBLE TO CLIENT B 



430 



AUTHENTICATE CLIENT B 



434 



432 



INITIATE SESSION 



ACCESS FILE 



436 



438 



440 



446 



448 



450 



FIG. 18 



INITIATE BOOT SEQUENCE 



CHECK FOR BOOT 
SECTOR ON HARD DRIVE 




BOOT FROM FLASH MEMORY 



REFORMAT HARD DRIVE 



POPULATE HARD DRIVE 
WITH PBS SOFTWARE 



444 



BOOT PBS 
SERVER 



